[go: up one dir, main page]

WO2014194818A1 - Procédé pour découvrir un utilisateur d'équipement, et équipement d'utilisateur - Google Patents

Procédé pour découvrir un utilisateur d'équipement, et équipement d'utilisateur Download PDF

Info

Publication number
WO2014194818A1
WO2014194818A1 PCT/CN2014/079124 CN2014079124W WO2014194818A1 WO 2014194818 A1 WO2014194818 A1 WO 2014194818A1 CN 2014079124 W CN2014079124 W CN 2014079124W WO 2014194818 A1 WO2014194818 A1 WO 2014194818A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
user equipment
implicit
user identification
equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2014/079124
Other languages
English (en)
Chinese (zh)
Inventor
杜振国
方平
丁志明
庞高昆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Device Co Ltd
Original Assignee
Huawei Device Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Device Co Ltd filed Critical Huawei Device Co Ltd
Priority to EP14807807.4A priority Critical patent/EP2947815A4/fr
Publication of WO2014194818A1 publication Critical patent/WO2014194818A1/fr
Priority to US14/823,080 priority patent/US9906953B2/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4547Network directories; Name-to-address mapping for personal communications, i.e. using a personal identifier
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/51Discovery or management thereof, e.g. service location protocol [SLP] or web services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • H04W76/14Direct-mode setup
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/65Telephone numbers

Definitions

  • the present invention claims priority to Chinese Patent Application No. 201310225872.3, filed on Jun. 7, 2013, the entire disclosure of which is hereby incorporated by reference.
  • TECHNICAL FIELD The present invention relates to the field of communications, and in particular, to a method and user equipment for discovering a user of a device.
  • BACKGROUND OF THE INVENTION Wireless Fidelity is a technology that supports the WiFi function and uses the WiFi interface to sense each other's existence and complete the networking and communication through the WiFi interface.
  • WiFi Direct Wireless Fidelity Direct
  • WiFi P2P Wireless Peer-to-Peer
  • WiFi Direct The user equipment broadcasts its presence by sending a Probe Request frame to complete user equipment discovery or service discovery.
  • Embodiments of the present invention provide a method and user equipment for discovering a user of a device to improve security of user identification information, so that a secure discovery between user devices is achieved.
  • a method for discovering a user of a device is provided, the method being applied to a first user device, wherein the first user device stores the first user device and The correspondence between the user identifier and the implicit user identifier information of one other user equipment, the method includes:
  • the user identifier of the first/second user equipment is a plaintext user identifier of the user identifier of the first/second user equipment, and the implicit user identifier information of the first/second user equipment is a usage reservation.
  • the information obtained by the function or the predetermined algorithm for processing the user identifier of the first/second user equipment; or the user identifier and the implicit user identifier information of the first/second user equipment are respectively Two identifiers corresponding to the same user equipment allocated by the first/second user equipment are described.
  • the predetermined function is specifically a hash function
  • the implicit user identifier information of the first/second user equipment is specifically at least The user identifier of the first/second user equipment is obtained by hashing the hash function.
  • the predetermined algorithm is specifically a public-private key algorithm
  • the implicit user identifier information of the first/second user equipment is the first / User identification of the second user equipment, mapping the generated key with a public-private key algorithm
  • the predetermined algorithm is specifically an encryption algorithm based on a public-private key algorithm
  • the implicit user identification information of the first/second user equipment is specifically configured by using a public-private key algorithm for the user identifier of the first/second user equipment.
  • the generated key encrypts the encrypted value of the user identifier of the first/second user equipment.
  • the method further includes:
  • the method further includes:
  • the user corresponding to the implicit user identifier information of the second user equipment is encrypted to obtain a first encrypted value
  • the method further includes: after the second user equipment obtains the user identifier of the first user equipment, using the user identifier of the second user equipment and the obtained user of the first user equipment Identifying, encrypting the determined user identifier of the first user equipment, obtaining a second encryption value, and sending the second encryption value to the first user equipment; receiving the Second encrypted value;
  • the first message further includes a user identifier type of the second user equipment and/or implicit user identifier information of the first user equipment;
  • the user identification type of the first user equipment is indication information of the implicit user identification information.
  • the present invention provides a user equipment for a user of a device, where the user device is a first user device, and the first user device includes: a storage unit, a receiving unit, an obtaining unit, and a determining unit;
  • the storage unit stores a correspondence between the user identifier of the first user equipment and the at least one other user equipment and the implicit user identification information, ⁇ ;
  • the receiving unit is configured to receive, by the second user equipment, a first cancellation that includes at least the implicit user identifier information of the second user equipment, where
  • the obtaining unit is configured to obtain, according to the correspondence relationship stored by the storage unit, a user identifier corresponding to the implicit user identifier information of the second user equipment;
  • the determining unit is configured to determine a user identifier of the second user equipment from a user identifier corresponding to the implicit user identifier information of the second user equipment, and further discover the user of the second user equipment;
  • the user identifier of the first/second user equipment is a plaintext user identifier of the user identifier of the first/second user equipment, and the implicit user identifier information of the first/second user equipment is a usage reservation.
  • the information obtained by the function or the predetermined algorithm for processing the user identifier of the first/second user equipment; or the user identifier and the implicit user identifier information of the first/second user equipment are respectively Two identifiers corresponding to the same user equipment allocated by the first/second user equipment are described.
  • the predetermined function is specifically a hash function
  • the implicit user identifier information of the first/second user equipment is specifically at least The user identifier of the first/second user equipment is obtained by hashing the hash function.
  • the algorithm is a public-private key algorithm
  • the implicit user identification information of the first/second user equipment is a key generated by mapping the user identifier of the first/second user equipment by using a public-private key algorithm
  • the predetermined algorithm is specifically an encryption algorithm based on a public-private key algorithm
  • the implicit user identification information of the first/second user equipment is specifically configured by using a public-private key algorithm for the user identifier of the first/second user equipment.
  • the generated key encrypts the encrypted value of the user identifier of the first/second user equipment.
  • the first user equipment is further Including: sending unit;
  • the sending unit is configured to send, to the second user equipment, a second message that includes at least the implicit user identifier information of the first user equipment, so that the second user equipment is configured according to the second user equipment.
  • Corresponding relationship between the stored user identifier and the implicit user identifier information of the second user equipment and the at least one other user equipment obtaining a user identifier corresponding to the implicit user identifier information of the first user equipment, The user identifier corresponding to the implicit user identifier information of the first user equipment determines the user identifier of the first user equipment, and further discovers the user of the first user equipment.
  • the first user equipment further includes: an encryption unit;
  • the cryptographic unit is configured to use the user identifier of the first user equipment and the user identifier corresponding to the implicit user identifier information of the second user equipment to hide the second user equipment
  • the user identifier corresponding to the user identifier information is encrypted to obtain a first encrypted value
  • the sending unit is further configured to send the first encrypted value to the second user equipment
  • the second user equipment Determining, by the second user equipment, the user identifier corresponding to the implicit user identifier information of the first user equipment, that the user identifier of the first user equipment is specifically, so that the second Decrypting the first encrypted value by using a user identifier corresponding to the implicit user identifier information of the first user equipment and a user identifier of the second user equipment, and determining the first user equipment a receiving unit, configured to enable the second user equipment to obtain the first user After the user identifier of the user equipment is used, the user identifier of the first user equipment is encrypted by using the user identifier of the second user equipment and the obtained user identifier of the first user equipment, to obtain a second encryption value. Receiving, by the second user equipment, the second encrypted value;
  • the determining unit is configured to decrypt the second encrypted value by using a user identifier of the first user equipment and the user identifier corresponding to the implicit user identifier information of the second user equipment, to obtain Decrypting the result, if the decryption result includes the user identifier of the first user equipment, the decryption result is correct, and the first user equipment will correspond to the user corresponding to the implicit user identifier information of the second user equipment.
  • the identifier is determined to be a user identifier of the second user equipment.
  • the first message is further Include a user identification type of the second user equipment and/or implicit user identification information of the first user equipment; or
  • the user identification type of the first user equipment is indication information of the implicit user identification information.
  • An embodiment of the present invention provides a method and a user equipment for a user of a device, and receives a first message that is sent by the second user equipment and includes at least the implicit user identifier information of the second user equipment. And obtaining, by the user equipment, the user identifier corresponding to the implicit user identifier information of the second user equipment, and determining, by using the user identifier corresponding to the implicit user identifier information of the second user equipment, The user identifier of the second user equipment, and then the user of the second user equipment.
  • the user identifier of the first user equipment and the second user equipment is processed by the scheme, and when the first user equipment and the second user equipment interact, the implicit user identifier information of the first user equipment and the second user equipment are utilized.
  • FIG. 1 is a schematic flowchart diagram of a method for discovering a user of a device according to an embodiment of the present disclosure
  • FIG. 2 is a schematic flowchart diagram of another method for discovering a user of a device according to an embodiment of the present disclosure
  • FIG. 3 is a schematic diagram of interaction of a method for discovering a user of a device according to an embodiment of the present invention
  • FIG. 4 is a schematic diagram of interaction of another method for discovering a user of a device according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of a user equipment according to an embodiment of the present invention
  • FIG. 6 is a schematic structural diagram of another user equipment according to an embodiment of the present invention
  • FIG. 7 is still another user equipment provided by an embodiment of the present invention
  • Schematic The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. example. All other embodiments obtained by a person skilled in the art based on the embodiments of the present invention without creative efforts are within the scope of the present invention.
  • each user equipment uses WiF i P2P to identify each other, each user equipment broadcasts the service or user equipment information of interest through the Probe Reques t frame.
  • the purpose of mutual identification between the user equipments is to determine whether the other party is a friend of the user. Therefore, the Probe Reques t frame broadcasted by each user equipment carries its own user equipment identifier. information.
  • the user equipment identification information broadcast by each user equipment is the plaintext identifier of the user equipment, there is a problem of camouflage attacks and privacy leaks.
  • an embodiment of the present invention provides a method for discovering a user of a device.
  • an execution body of the method is a first user equipment, where the first user equipment stores the first Correspondence between the user identifier of the user equipment and the at least one other user equipment and the implicit user identification information, the method includes:
  • the user identifier of the first/second user equipment may be a plaintext user identifier of the user identifier of the first/second user equipment, and the implicit user identifier information of the first/second user equipment is utilized. Information obtained by processing a user identifier of at least the first/second user equipment by a predetermined function or a predetermined algorithm.
  • the user identifier and the implicit user identifier information of the first/second user equipment may be two identifiers corresponding to the same user equipment allocated by the server for the first/second user equipment, respectively.
  • the mapping between the two identifiers exists.
  • the application server assigns a first identity and a second identity to each second user device, and both the first identity and the second identity can be updated by the application server.
  • the user identifier corresponding to the implicit user identifier information of the second user equipment is obtained according to the corresponding relationship stored by the first user equipment.
  • the first user equipment uses the implicit user identifier information of the second user equipment and the user identifier and the implicit user of the first user equipment and the at least one other user equipment that are stored by the first user equipment.
  • the correspondence of the identification information is matched. If the implicit user identification information of the second user equipment is matched, the user identifier corresponding to the implicit user identification information of the second user equipment is obtained according to the correspondence.
  • the user identifier is The user identifier of the second user equipment, the first user equipment successfully discovering the user of the second user equipment.
  • the first user equipment obtains a plurality of user identifiers corresponding to the implicit user identifier information of the second user equipment according to the corresponding relationship stored by the first user equipment, the first user equipment Can benefit And interacting with the second user equipment by using the user identifier corresponding to the implicit user identifier information of the second user equipment and the user identifier of the first user equipment, further completing verification of the second user equipment, thereby determining The user identifier of the second user equipment is out.
  • An embodiment of the present invention provides a method for discovering a user of a device, and receiving, by the second user equipment, a first message that includes at least the implicit user identification information of the second user equipment; The user identifier corresponding to the implicit user identifier information of the second user equipment is obtained, and the user identifier corresponding to the implicit user identifier information of the second user equipment is determined. User identification of the second user equipment, and then discovering the user of the second user equipment.
  • the user identifier of the first user equipment and the user identifier of the second user equipment are processed as the implicit user identifier information of the first user equipment and the implicit user identifier information of the second user equipment, in the first user equipment and
  • the second user equipment performs the discovery, using the implicit user identification information of the first user equipment and the implicit user identification information of the second user equipment, the security of the user identification information of the user equipment can be ensured, so that the user equipment is secure. Discover each other.
  • An embodiment of the present invention provides a method for discovering a user of a device. As shown in FIG. 2, the method includes:
  • the first user equipment broadcasts the first message, and the first message includes at least the implicit user identifier information of the second user equipment.
  • the second user equipment broadcasts, by using a broadcast message, a first message that includes at least the implicit user identifier information of the second user equipment, where the first user equipment is in a range broadcast by the second user equipment.
  • the first message of the broadcast of the second user equipment may be received.
  • the user identifier of the first/second user equipment may be in the following two cases: In the first case, the user identifier of the first/second user equipment may be the user identifier of the first/second user equipment.
  • the plaintext user identifier, the implicit user identifier information of the first/second user equipment is information obtained by processing at least the user identifier of the first/second user equipment by using a predetermined function or a predetermined algorithm.
  • the predetermined function may be a hash function, and the implicit user identification information of the first/second user equipment is specifically that the user identifier of at least the first/second user equipment is hashed by using a hash function. After getting the information.
  • the hash transform is performed by inputting one or more pieces of information into a fixed-length output by a hash algorithm, and the output is a hash value. Different inputs may be hashed to the same output, and it is not possible to determine a unique input value from the hash value.
  • the implicit user identifier information of the second user equipment may be information that performs hash transformation on at least the user identifier of the second user equipment by using one or more different hash functions, or the second user equipment.
  • the plaintext identifier and other values are hashed.
  • the hash transformation may be Hash ( ), Hashl ( ), Hash 2 ( ), or Hash 3 ( And so on, the implicit user identification information of the second user equipment may be: Hash (ID2), or Hashl (ID2), Hash2 (ID2), Hash3 (ID2), etc.; or, Hash (ID2, ID1), or Hashl (ID2, ID1), Hash2 (ID2, ID1), Hash3 (ID2, ID1), etc.; or, Hash (ID2, 1), or Hashl (ID2, 1), Hash2 (ID2, 1), Hash3 (ID2, 1) Wait.
  • the predetermined algorithm may be a public-private key algorithm, and the implicit user identifier information of the first/second user equipment is generated by mapping the user identifier of the first/second user equipment by using a public-private key algorithm.
  • the predetermined algorithm is specifically an encryption algorithm based on a public-private key algorithm, and the implicit user identification information of the first/second user equipment is specifically a user identifier of the first/second user equipment. And encrypting the encrypted value obtained by encrypting the user identifier of the first/second user equipment by using a public key algorithm to map the generated key.
  • the public-private key algorithm is a very common encryption algorithm.
  • the basic idea of the algorithm is to use the private key to generate a public key.
  • the public key can be publicly disclosed.
  • the user equipment must retain the private key.
  • the message encrypted by the public key can only be used.
  • the private key is unlocked.
  • the implicit user identification information of the first/second user equipment may be a public key generated by using a public/private key algorithm as a private key of the first/second user equipment. key.
  • the predetermined algorithm is an encryption algorithm of the public-private key algorithm
  • the implicit user identification information of the first/second user equipment may be a public key generated by using the public identifier of the first/second user equipment as a private key. And encrypting the encrypted user value of the user identifier of the corresponding first/second user equipment by using the public key.
  • the user identifier and the implicit user identifier of the first/second user equipment may be respectively two identifiers corresponding to the same user equipment allocated by the server for the first/second user equipment. There is a mapping relationship between the two identifiers. For example, the application server allocates a first identifier and a second identifier to each second user equipment, and the first identifier and the second identifier can be updated by the application server.
  • the first user equipment in order to enable the first user equipment to quickly obtain the user identifier and the implicit user identifier information of the first user equipment and the at least one other user equipment according to the implicit user identification information of the second user equipment.
  • the user identifier corresponding to the implicit user identifier information of the second user equipment is obtained, and the first message further includes: an identifier type of the second user equipment.
  • the first user equipment is configured to quickly determine, according to the first message, whether it is the second user equipment.
  • the specific user equipment the first message further includes: a user identifier type of the first user equipment.
  • the user identifier of the first/second user equipment is an identifier of a user who uses the first/second user equipment.
  • the user identifier of the first user device may be a cipher, and the user identifier of the first user device may include a whisper, a secret code, the cipher, and a secret code that are pre-negotiated by the first user device and the second user device.
  • the whisper may be "the weather is good today"; the user identifier of the first/second user equipment may also be a number and a letter
  • the information such as the information, the service information, the geographical location information, the community group information, the job information, the keyword, the business card information, the matching information, and the like, and the user identifier of the first/second user equipment may be the first /
  • the user's personal information such as the telephone number, QQ number, and mailbox of the user of the second user equipment may also be the combined information of the personal information of the user such as the above telephone number, QQ number, and mailbox.
  • the user identification type of the first/second user device may be a QQ number, a phone number, a mailbox user name, or the like, or a combination of a QQ number, a phone number, a mailbox user name, and the like.
  • the content of the first message may be different.
  • the first scenario the second user equipment needs to discover all first user equipments in the coverage of the broadcast message that have a friend relationship with itself.
  • the first message includes only the related information of the second user equipment, and the user identifier of the first user equipment is not included in the implicit user identifier information of the second user equipment.
  • the implicit user identifier information of the second user equipment is information obtained by performing a hash transformation on the user identifier of the second user equipment by using a hash function; or The user identifier of the second user equipment is used to map the generated key with the public-private key algorithm; or the user identifier of the second user equipment is encrypted with the key generated by the public-private key algorithm mapping to encrypt the user identifier of the second user equipment.
  • the obtained encrypted value or one of two identifiers assigned by the server to the second user equipment.
  • the second scenario the second user equipment only needs to find a specific first user equipment that has a friend relationship with the user of the second user equipment.
  • the first message in addition to the related information of the user identifier of the second user equipment, the first message further includes related information of the user identifier of the first user equipment.
  • the first message may include the implicit user identifier information of the second user equipment, and the implicit user identifier information of the second user equipment is the second user equipment.
  • the user identifier and the user identifier of the specific first user equipment are hashed by using a hash function; or the first message may include the implicit user identifier information of the second user equipment. And implicit user identification information of the specific first user equipment.
  • the first user equipment obtains a user identifier corresponding to the implicit user identifier information of the second user equipment according to the corresponding relationship stored by the first user equipment.
  • the first user equipment uses the implicit user identifier information of the second user equipment and the user identifier and the implicit user of the first user equipment and the at least one other user equipment that are stored by the first user equipment.
  • the correspondence of the identification information is matched. If the implicit user identification information of the second user equipment is matched, the user identifier corresponding to the implicit user identification information of the second user equipment is obtained according to the correspondence.
  • the first user equipment determines, according to the user identifier corresponding to the implicit user identifier information of the second user equipment, the user identifier of the second user equipment, and further discovers the user of the second user equipment. .
  • the first user equipment When the first user equipment obtains only one user identifier corresponding to the implicit user identifier information of the second user equipment according to the corresponding relationship stored by the first user equipment, the user identifier is User identifier of the second user equipment, the first user The device successfully discovers the user of the second user equipment.
  • the first user equipment obtains a plurality of user identifiers corresponding to the implicit user identifier information of the second user equipment according to the corresponding relationship stored by the first user equipment
  • the first user equipment The second user equipment may be interacted with the user identifier corresponding to the implicit user identifier information of the second user equipment and the user identifier of the first user equipment, thereby further verifying the second user equipment, thereby Determining a user identifier of the second user equipment.
  • the second user equipment determines the user identifier of the second user equipment by broadcasting the implicit user identification information of the second user equipment, that is, the first user equipment determines the user identity of the second user equipment, A user equipment successfully discovers the second user equipment.
  • the method may further include the following steps:
  • the first user equipment sends, to the second user equipment, a second message that includes at least the implicit user identifier information of the first user equipment.
  • the second message may include only related information of the user identifier of the first user equipment.
  • the information of the user information of the first user equipment is obtained by performing a hash transformation on the user identifier of the first user equipment by using a hash function; or, the user of the first user equipment Identifying a key generated by using a public-private key algorithm mapping; or encrypting an encrypted value obtained by encrypting a user identifier of the first user equipment by using a key generated by a public-private key algorithm mapping to a user identifier of the first user equipment; Or one of two identifiers assigned by the server to the first user equipment.
  • the second message may also include using the user identifier of the first user equipment and the Information about the user identifier of the second user equipment determined by the first user equipment.
  • the second message may include the implicit user identifier information of the first user equipment, where the implicit user identifier information of the first user equipment is a user identifier of the first user equipment, and the The user identifier of the second user equipment determined by the first user equipment is obtained by using a hash function to perform hash transformation; or the second message may include the implicit user identifier information and the location of the first user equipment.
  • the second user equipment obtains the first user equipment according to the correspondence between the user identifier and the implicit user identifier information of the second user equipment and the at least one other user equipment that are stored by the second user equipment.
  • the user ID corresponding to the implicit user identification information is a user identifier of the first user equipment, and the The user identifier of the second user equipment determined by the first user equipment is obtained by using a hash function to perform hash transformation; or the second message may include the implicit user identifier information and the location of the first user equipment.
  • the first user equipment matches the implicit user identification information of the first user equipment with the implicit user identification information of the equipment stored by the second user equipment; if the first user equipment is matched to the implicit The user identifier information is obtained, and the user identifier corresponding to the implicit user identifier information of the first user equipment is obtained according to the correspondence.
  • the second user equipment determines whether the implicit user identification information of the received first user equipment is stored. If the received implicit user identification information of the first user equipment is stored, the second user equipment matches the implicit user identification information of the first user equipment. If the user identifier information of the first user equipment is matched, the second user equipment uses the user identifier of the device corresponding to the implicit user identifier information of the first user equipment as the first User ID corresponding to the implicit user identification information of the user equipment.
  • the second user equipment determines the user identifier of the first user equipment from the user identifier corresponding to the implicit user identifier information of the first user equipment, and further discovers the user of the first user equipment. .
  • the user identifier is a user identifier of a user equipment, the second user equipment successfully discovering the first user equipment.
  • the second user equipment obtains a plurality of user identifiers corresponding to the implicit user identifier information of the first user equipment according to the corresponding relationship stored by the second user equipment, the second user equipment The first user equipment may be interacted with the user identifier corresponding to the implicit user identifier information of the first user equipment and the user identifier of the second user equipment, thereby further verifying the first user equipment, thereby Determining a user identifier of the first user equipment.
  • the second user equipment determines the user identifier of the first user equipment from the user identifier corresponding to the implicit user identifier information of the first user equipment
  • the second user The device determines the identity of the user of the first user equipment, that is, the second user equipment successfully discovers the first user equipment.
  • the second message further includes a user identifier type of the first user equipment.
  • the first user equipment may be related to the second user equipment.
  • the user identifier corresponding to the implicit user identifier information is directly determined as the user identifier of the second user equipment.
  • the first user equipment needs to further implicitly from the second user equipment.
  • the user identifier corresponding to the user identifier information determines the user identifier of the second user equipment.
  • the implicit user identifier information of the second user equipment is information obtained by hashing the user identifier of the second user equipment by using a hash function
  • different inputs may be input due to hash transformation.
  • the hash is hashed to the same output, and it is not possible to determine the characteristics of the unique input value from the hash value.
  • the user identifiers of different user devices may obtain the implicit user identification information of the same second user equipment. For example, if the plaintext identifiers of the user equipments stored in the first user equipment are: ID21, ID22, ID23, ID24, and ID25, the first user equipment hashes the plaintext identifiers of the stored user equipments to obtain ID2 ID22.
  • the hash value of the ID23 is the same as the implicit user identifier information of the second user equipment, and the user identifier corresponding to the implicit user identifier information of the second user equipment is: ID21, ID22, and ID23. Therefore, when the first user equipment obtains multiple user identifiers corresponding to the implicit user identifier information of the second user equipment, the first user equipment cannot be hidden from the second user equipment.
  • the user identifier corresponding to the user identifier information determines the user identifier of the second user equipment.
  • the user includes:
  • the second user equipment broadcasts the first message, where the first message includes at least the implicit user identifier information of the second user equipment.
  • the first user equipment receives the first message broadcast by the second user equipment, where the first message includes at least the implicit user identifier information of the second user equipment.
  • the second user equipment broadcasts its own implicit user identification letter through a broadcast message.
  • the broadcast message of the second user equipment may be received.
  • the first user equipment obtains a user identifier corresponding to the implicit user identifier information of the second user equipment according to the corresponding relationship stored by the first user equipment.
  • the first user equipment uses the implicit user identifier information of the second user equipment and the user identifier and the implicit user of the first user equipment and the at least one other user equipment that are stored by the first user equipment.
  • the correspondence of the identification information is matched. If the implicit user identification information of the second user equipment is matched, the user identifier corresponding to the implicit user identification information of the second user equipment is obtained according to the correspondence.
  • the first user equipment uses the user identifier of the first user equipment and the user identifier corresponding to the implicit user identifier information of the second user equipment, and the user equipment with the second user equipment
  • the user identifier corresponding to the implicit user identification information is encrypted to obtain a first encrypted value.
  • the first user equipment constructs an encryption key by using a determined decryption key, and then, by using an encryption algorithm and a constructed encryption key, the user corresponding to the implicit user identification information of the second user equipment.
  • the identifier is encrypted to obtain the first encrypted value.
  • the determined decryption key refers to an output value obtained by using a user identifier of the first user equipment and a user identifier corresponding to the implicit user identification information of the second user equipment as an input of the first decryption function.
  • the encryption key and the decryption key are the same; for an asymmetric algorithm, the encryption key must be constructed from the decryption key such that the decryption key is the determined decryption key.
  • the first user equipment uses the user identifier of the first user equipment and the user identifier corresponding to the implicit user identifier information of the second user equipment as an output value obtained by inputting the first decryption function.
  • the encryption key the user identifier corresponding to the implicit user identification information of the second user equipment is encrypted by using the encryption key and the encryption algorithm to obtain a first encryption value.
  • the user identifier of the first user equipment is ID1, f(X, y)
  • the first user equipment is used.
  • the encryption key composed by the user identifier and the user identifier corresponding to the implicit user identifier information of the second user equipment are: f ( ID1 , ID21 ), f ( ID1 , ID22 ), f ( ID1 , ID23 ).
  • the first encryption value is: ⁇ ( f ( ID1 , ID21 ) , ID21 ) , E ( f ( ID1 , ID22 ) , ID22 ) , ⁇ ( f (ID1, ID23), ID23).
  • the first user equipment may first send, to the second user equipment, a second message that includes at least the implicit user identifier information of the first user equipment, and then send the first message to the second user equipment.
  • An encrypted value; a second message including at least the implicit user identification information of the first user equipment and the first encrypted value may be simultaneously sent to the second user equipment.
  • the second user equipment obtains the first user equipment according to the correspondence between the user identifier and the implicit user identifier information of the second user equipment and the at least one other user equipment that are stored by the second user equipment.
  • the user ID corresponding to the implicit user identification information.
  • the second user equipment obtains the a method for the user identifier corresponding to the implicit user identifier information of the user equipment, and the user identifier and the implicit identifier of the first user equipment and the at least one other user equipment stored by the first user equipment according to the first user equipment
  • the method for obtaining the user identifier corresponding to the implicit user identifier information of the second user equipment may be the same, and details are not described herein again.
  • the second user equipment decrypts the first encrypted value by using a user identifier corresponding to the implicit user identifier information of the first user equipment and a user identifier of the second user equipment, and further determines the location.
  • the user identifier of the first user equipment decrypts the first encrypted value by using a user identifier corresponding to the implicit user identifier information of the first user equipment and a user identifier of the second user equipment, and further determines the location.
  • the user identifier of the first user equipment decrypts the first encrypted value by using a user identifier corresponding to the implicit user identifier information of the first user equipment and a user identifier of the second user equipment.
  • the second user equipment may use the user identifier corresponding to the implicit user identifier information of the first user equipment and the user identifier of the second user equipment as the input of the second decryption function.
  • the obtained output value is used as a decryption key of the first encrypted value to decrypt the first encrypted value.
  • the output value obtained by using the user identifier corresponding to the implicit user identifier information of the first user equipment and the user identifier of the second user equipment as the input of the second decryption function is used as the decryption of the first encrypted value.
  • the key decrypts the first encrypted value to obtain a decrypted result.
  • the decryption result includes the user identifier of the second user equipment, the decryption result is correct, and the second user equipment obtains the user identifier of the first user equipment according to the decryption key of the first encryption value, and performs Steps 308-310.
  • step 311 is performed.
  • the above process causes the second user equipment to determine the user identifier of the first user equipment, and the first user equipment is found.
  • the second user equipment is discovered.
  • the method also includes the following steps:
  • the second user equipment encrypts the determined user identifier of the first user equipment by using the user identifier of the second user equipment and the obtained user identifier of the first user equipment, to obtain a second encryption. value.
  • the second user equipment After the second user equipment obtains the user identifier of the first user equipment, constructing an encryption key with the agreed decryption key, and then using the encryption algorithm and the constructed encryption key to obtain the obtained first user
  • the user identifier corresponding to the implicit user identification information of the device is encrypted to obtain a second encrypted value.
  • the determined decryption key refers to an output value obtained by using the user identifier of the second user equipment and the obtained user identifier corresponding to the implicit user identification information of the first user equipment as an input of the second decryption function.
  • the second user equipment uses the user identifier of the second user equipment and the user identifier of the first user equipment as the output value of the second decryption function as an encryption key.
  • the encryption key and the encryption algorithm encrypt the obtained user identifier corresponding to the implicit user identification information of the first user equipment to obtain a second encryption value.
  • the user identifier of the first user equipment is ID1 and the user identifier of the second user equipment is ID2, g(X, y) is a function of an encryption key
  • the user of the second user equipment The encryption key formed by the user identifier corresponding to the implicit user identification information of the first user equipment is: g (ID2, ID1).
  • the secret algorithm is E ( g ( x , y ) , x )
  • the second encryption value is: ⁇ ( g ( ID2 , ID1 ) , ID1 ).
  • the second user equipment sends the second encryption value to the first user equipment.
  • the first user equipment decrypts the second encrypted value by using the user identifier of the first user equipment and the user identifier corresponding to the implicit user identifier information of the second user equipment. Decrypt the result.
  • the user identifier corresponding to the implicit user identifier information of the second user equipment and the user identifier of the first user equipment may be used as the first decryption function. Inputting the obtained output value as the decryption key of the second encrypted value, decrypting the second encrypted value, obtaining a decrypted result, and obtaining a user identifier of the second user equipment according to the decrypted result .
  • the decryption result includes the user identifier of the first user equipment, the decryption result is correct, and the first user equipment inputs the corresponding first decryption function and the implicit user of the second user equipment
  • the user identifier corresponding to the identifier information is determined as the user identifier of the second user equipment, and step 313 is performed.
  • step 312 is performed.
  • the second user equipment sends a message that the discovery fails to the first user equipment.
  • the discovery of the first user equipment and the second user equipment fails, and the discovery process ends.
  • the first user equipment sends a message that the discovery fails to the second user equipment.
  • the first user equipment sends a message that the discovery is successful to the second user equipment.
  • the user equipments can be mutually recognized more quickly, and the corresponding relationship stored in the first equipment may further include: decrypting the decryption of the second encryption value.
  • the key and the encrypted value encrypted for the user identity of the first user device After the first user equipment receives the second encrypted value, the second encrypted value is matched; if the second encrypted value is matched, the user equipment corresponding to the second encrypted value is used.
  • the user identifier is used as the user identifier of the second user equipment.
  • the first user equipment determines, according to the stored encryption value that is encrypted by the user identifier of the first user equipment, whether the second encryption value is stored in the first user. If the second encryption value is stored in the first user equipment, the user identifier of the user equipment corresponding to the stored second encryption value is used as the user identifier of the second user equipment.
  • the decryption of the second encrypted value without using the decryption key and the decryption function reduces the amount of computation of the first user equipment and, at the same time, increases the recognition speed between the first user equipment and the second user equipment.
  • the correspondence may further include: encrypting an encrypted value of the user identifier of the second user equipment, or encrypting the user identifier of the second user equipment.
  • the encrypted value and the decryption key that decrypts the first encrypted value may further include: encrypting an encrypted value of the user identifier of the second user equipment, or encrypting the user identifier of the second user equipment. The encrypted value and the decryption key that decrypts the first encrypted value.
  • the first user equipment uses the encrypted value corresponding to the user identifier corresponding to the implicit user identifier information of the second user equipment as the first encrypted value.
  • the first encryption value is obtained by using the encryption key and the encryption function when the first user equipment is to obtain the first encryption value, which reduces the calculation amount of the first user equipment, and improves the first user equipment and the second user equipment. The speed of recognition between.
  • the verification value may be added to the communication information between the first user equipment and the second user equipment, and the verification value may be at least a random number; as shown in FIG. 4, the information about the verification value generated by the first user equipment is added to the information exchanged between the first user equipment and the second user equipment, and the verification value generated by the second user equipment is used.
  • the first user equipment and the second user equipment are authenticated to the user of the other device, and the method includes:
  • the second user equipment sends a broadcast message, where the broadcast message includes the implicit user identifier information of the second user equipment.
  • the first user equipment receives a broadcast message sent by the second user equipment, where The broadcast message includes implicit user identification information of the second user equipment.
  • the first user equipment obtains a user identifier corresponding to the implicit user identifier information of the second user equipment according to the corresponding relationship stored by the first user equipment.
  • the first user equipment generates a first verification value.
  • the first user equipment uses the user identifier of the first user equipment and the user identifier corresponding to the implicit user identifier information of the second user equipment to implicitly associate with the second user equipment.
  • the user identifier corresponding to the user identification information and the first verification value are encrypted to obtain a first encrypted value.
  • the first user equipment may use the encryption key and the encryption algorithm to respectively input the user identifier corresponding to the implicit user identifier information of the second user equipment and the first verification value as input of an encryption algorithm, respectively. Encrypting; the first user equipment may also use an encryption key and an encryption algorithm to simultaneously input the user identifier corresponding to the implicit user identification information of the second user equipment and the first verification value as an input of an encryption algorithm. Carry out the power of the mouth.
  • the first user equipment sends, to the second user equipment, a second message that includes at least the implicit user identifier information of the first user equipment, the first encryption value, and the first verification value.
  • the first user equipment may first send, to the second user equipment, a second message that includes at least the implicit user identifier information of the first user equipment, and then send the first message to the second user equipment.
  • An encrypted value and the first verification value; the implicit user identification information including the first user equipment, the first encryption value, and the first verification value may be simultaneously sent to the second user equipment The second message.
  • the second user equipment obtains the first user equipment according to the correspondence between the user identifier and the implicit user identifier information of the second user equipment and the at least one other user equipment that are stored by the second user equipment.
  • the user ID corresponding to the implicit user identification information.
  • the second user equipment uses the user identifier corresponding to the implicit user identifier information of the first user equipment and the user identifier of the second user equipment to the first
  • the encrypted value is decrypted to determine the user identifier of the first user equipment.
  • the decryption result includes the user identifier of the second user equipment and the first verification value, the decryption result is correct, and the second user equipment obtains the user identifier of the first user equipment, and steps 409-41 2 are performed.
  • step 41 3 is performed.
  • the second user equipment generates a second verification value.
  • the first user equipment encrypts the determined user identifier of the first user equipment by using the user identifier of the second user equipment and the obtained user identifier of the first user equipment, and obtains the second Encrypted value.
  • the second user equipment may use an encryption key and an encryption algorithm to respectively encrypt the user identifier of the first user equipment and the second verification value as input of an encryption algorithm, respectively; the second user equipment may also The user identifier of the first user equipment and the second verification value are simultaneously used as an input of an encryption algorithm by using an encryption key and an encryption algorithm.
  • the second user equipment sends the second encrypted value and the second verification value to the first user equipment.
  • the second user equipment decrypts the second encrypted value by using the user identifier of the first user equipment and the user identifier corresponding to the implicit user identifier information of the second user equipment. Get the decrypted result.
  • step 41 5 If the decryption result includes the user identifier of the first user equipment and the second verification value, the decryption result is correct, and the first user equipment obtains the user identifier of the second user equipment, and step 41 5 is performed.
  • step 414 is performed.
  • the second user equipment sends a message that the discovery fails to the first user equipment, and the discovery process ends.
  • the first user equipment sends a message that the discovery fails to the second user equipment, and the discovery process ends.
  • the first user equipment sends a successful discovery to the second user equipment. Interest.
  • the first user equipment is required to be the same authentication value in the information exchanged between the first user equipment and the second user equipment.
  • Encrypting the verification value with at least one user equipment of the second user equipment so that when the second user equipment discovers the first user equipment, if the first user equipment is a disguised user equipment, the first user equipment cannot accurately decrypt
  • the information about the verification value sent by the second user equipment Similarly, when the second user equipment is discovered by the first user equipment, if the second user equipment is a masquerading user equipment, the second user equipment cannot accurately decrypt the first user.
  • the information about the verification value sent by the device which in turn makes the judgment of the camouflage attack.
  • the method of adding a verification value to the information exchanged between the first user equipment and the second user equipment to prevent the spoofing attack is a method commonly used by those skilled in the art.
  • the verification value is added to the information exchanged between the first user equipment and the second user equipment, and the manner of preventing the camouflage attack is not specifically limited.
  • the encryption of the user identifier and the verification value obtained by the present invention may be performed by encrypting the user identifier and the verification value together to obtain an encryption value, or separately encrypting the user identifier and the verification value to obtain an encryption value.
  • An embodiment of the present invention provides a method for discovering a user of a device, and receiving, by the second user equipment, a first message that includes at least the implicit user identification information of the second user equipment;
  • the user identifier corresponding to the implicit user identifier information of the second user equipment is obtained, and the user identifier corresponding to the implicit user identifier information of the second user equipment is determined.
  • User identification of the second user equipment and then discovering the user of the second user equipment.
  • the user identifier of the first user equipment and the second user equipment is processed by the scheme, and when the first user equipment and the second user equipment interact, the implicit user identifier information of the first user equipment and the second user equipment are utilized.
  • the implicit user identification information can ensure the security of the user identification information of the user equipment, so that the user equipment can securely discover each other.
  • An embodiment of the present invention provides a user equipment, where the user equipment is a first user equipment.
  • the first user equipment 50 includes: a storage unit 54, a receiving unit 51, an obtaining unit 52, and a determining unit 53.
  • the storage unit 54 stores a correspondence between the user identifier of the first user equipment and the at least one other user equipment and the implicit user identification information.
  • the receiving unit 51 is configured to receive, by the second user equipment, a first message that includes at least the implicit user identifier information of the second user equipment.
  • the obtaining unit 52 is configured to obtain, according to the correspondence relationship stored by the storage unit, a user identifier corresponding to the implicit user identifier information of the second user equipment.
  • the determining unit 53 is configured to determine, according to the user identifier corresponding to the implicit user identifier information of the second user equipment, the user identifier of the second user equipment, and further discover the user of the second user equipment. .
  • the user identifier of the first/second user equipment is a plaintext user identifier of the user identifier of the first/second user equipment, and the implicit user identifier information of the first/second user equipment is a usage reservation.
  • the information obtained by the function or the predetermined algorithm for processing the user identifier of the first/second user equipment; or the user identifier and the implicit user identifier information of the first/second user equipment are respectively Two identifiers corresponding to the same user equipment allocated by the first/second user equipment are described.
  • the predetermined function is specifically a hash function
  • the implicit user identification information of the first/second user equipment is specifically configured to use a hash function for at least the user identifier of the first/second user equipment. The information obtained after the transformation.
  • the predetermined algorithm is a public-private key algorithm
  • the implicit user identification information of the first/second user equipment is a secret generated by mapping the user identifier of the first/second user equipment by using a public-private key algorithm. Key; or,
  • the predetermined algorithm is specifically an encryption algorithm based on a public-private key algorithm
  • the implicit user identification information of the first/second user equipment is specifically configured by using a public-private key algorithm for the user identifier of the first/second user equipment.
  • the generated key encrypts the encrypted value of the user identifier of the first/second user equipment.
  • the first user equipment 50 further includes: a sending unit 55.
  • the sending unit 55 is configured to send, to the second user equipment, a second message that includes at least the implicit user identification information of the first user equipment, so that the second user equipment is configured according to the second user equipment. Corresponding relationship between the user identifier of the second user equipment and the at least one other user equipment and the implicit user identification information, obtained and obtained The user identifier corresponding to the implicit user identifier information of the first user equipment determines the user identifier of the first user equipment from the user identifier corresponding to the implicit user identifier information of the first user equipment.
  • the first user equipment 50 further includes: an encryption unit 56.
  • the cryptographic unit 56 is configured to use the user identifier of the first user equipment and the user identifier corresponding to the implicit user identifier information of the second user equipment, to the second user equipment
  • the user identifier corresponding to the implicit user identification information is encrypted to obtain a first encrypted value.
  • the sending unit 55 is further configured to send the first encryption value to the second user equipment.
  • the second user equipment Determining, by the second user equipment, the user identifier corresponding to the implicit user identifier information of the first user equipment, that the user identifier of the first user equipment is specifically, so that the second Decrypting the first encrypted value by using a user identifier corresponding to the implicit user identifier information of the first user equipment and a user identifier of the second user equipment, and determining the first user equipment
  • the user identifier which in turn discovers the user of the first user equipment.
  • the receiving unit 51 is further configured to: after the second user equipment obtains the user identifier of the first user equipment, use the user identifier of the second user equipment and the obtained user of the first user equipment The identifier is used to encrypt the determined user identifier of the first user equipment, and after obtaining the second encryption value, receive the second encryption value sent by the second user equipment.
  • the determining unit 53 is configured to decrypt the second encrypted value by using a user identifier of the first user equipment and the user identifier corresponding to the implicit user identifier information of the second user equipment, Obtaining a decryption result, if the decryption result includes the user identifier of the first user equipment, the decryption result is correct, and the first user equipment corresponds to the implicit user identifier information of the second user equipment.
  • the user identity is determined as the user identity of the second user device.
  • the first message further includes a user identifier type of the second user equipment and/or implicit user identifier information of the first user equipment; or, further includes a user identifier type of the second user equipment, and/or, Implicit user identification information and first of the first user equipment The user ID type of the user device.
  • the second message further includes indication information indicating that the user identifier type of the first user equipment is the implicit user identifier information.
  • the embodiment of the present invention provides a first user equipment, where the receiving unit receives a first message that is sent by the second user equipment and includes at least the implicit user identifier information of the second user equipment. Obtaining, by the user equipment, the corresponding relationship, the user identifier corresponding to the implicit user identifier information of the second user equipment; the determining unit, the user corresponding to the implicit user identifier information of the second user equipment In the identifier, the user identifier of the second user equipment is determined, and then the user of the second user equipment is found. The user identifier of the first user equipment and the second user equipment is processed by the scheme, and when the first user equipment and the second user equipment interact, the implicit user identifier information of the first user equipment and the second user equipment are utilized.
  • the implicit user identification information can ensure the security of the user identification information of the user equipment, so that the user equipment can securely discover each other.
  • An embodiment of the present invention provides a user equipment, where the user equipment is a first user equipment.
  • the first user equipment 70 includes: a memory 73, a transceiver 71, and a processor 72.
  • the memory 73 stores a correspondence between the user identifier of the first user equipment and the at least one other user equipment and the implicit user identification information.
  • the transceiver 71 is configured to receive, by the second user equipment, a first message that includes at least the implicit user identity information of the second user equipment.
  • the processor 72 is configured to obtain, according to the correspondence stored by the storage unit, a user identifier corresponding to the implicit user identifier information of the second user equipment.
  • the processor 72 is further configured to determine, from a user identifier corresponding to the implicit user identifier information of the second user equipment, a user identifier of the second user equipment, and further discover the second user equipment. user.
  • the user identifier of the first/second user equipment is a plaintext user identifier of the user identifier of the first/second user equipment, and the implicit user identifier information of the first/second user equipment is a usage reservation. And obtaining, by the function or the predetermined algorithm, information obtained by processing at least the user identifier of the first/second user equipment; or, the first/second user setting.
  • the user identifier and the implicit user identifier information are respectively two identifiers corresponding to the same user equipment allocated by the server for the first/second user equipment.
  • the predetermined function is specifically a hash function
  • the implicit user identification information of the first/second user equipment is specifically configured to use a hash function for at least the user identifier of the first/second user equipment. The information obtained after the transformation.
  • the predetermined algorithm is a public-private key algorithm
  • the implicit user identification information of the first/second user equipment is a secret generated by mapping the user identifier of the first/second user equipment by using a public-private key algorithm. Key; or,
  • the predetermined algorithm is specifically an encryption algorithm based on a public-private key algorithm
  • the implicit user identification information of the first/second user equipment is specifically configured by using a public-private key algorithm for the user identifier of the first/second user equipment.
  • the generated key encrypts the encrypted value of the user identifier of the first/second user equipment.
  • the transceiver 7 1 is further configured to send, to the second user equipment, a second message that includes at least the implicit user identifier information of the first user equipment, so that the second user equipment is configured according to the second user equipment.
  • a second message that includes at least the implicit user identifier information of the first user equipment, so that the second user equipment is configured according to the second user equipment.
  • the processor 72 is further configured to use the user identifier of the first user equipment and the user identifier corresponding to the implicit user identifier information of the second user equipment, The user identifier corresponding to the implicit user identifier information of the second user equipment is encrypted to obtain a first encrypted value.
  • the transceiver 7 1 is further configured to send the first encrypted value to the second user equipment.
  • the second user equipment Determining, by the second user equipment, the user identifier corresponding to the implicit user identifier information of the first user equipment, that the user identifier of the first user equipment is specifically, so that the second Decrypting the first encrypted value by using a user identifier corresponding to the implicit user identifier information of the first user equipment and a user identifier of the second user equipment, and determining the first user equipment User ID.
  • the transceiver 7 1 is further configured to: after the second user equipment obtains the user identifier of the first user equipment, use the user identifier of the second user equipment, and the obtained first user equipment The user identifier is used to encrypt the determined user identifier of the first user equipment, and after obtaining the second encryption value, receive the second encryption value sent by the second user equipment.
  • the processor 72 is configured to decrypt the second encrypted value by using a user identifier of the first user equipment and the user identifier corresponding to the implicit user identifier information of the second user equipment. Obtaining a decryption result, if the decryption result includes the user identifier of the first user equipment, the decryption result is correct, and the first user equipment corresponds to the implicit user identifier information of the second user equipment.
  • the user identity is determined as the user identity of the second user device.
  • the first message further includes a user identifier type of the second user equipment and/or implicit user identifier information of the first user equipment; or, further includes a user identifier type of the second user equipment, and/or, The implicit user identification information of the first user equipment and the user identification type of the first user equipment.
  • the second message further includes indication information indicating that the user identifier type of the first user equipment is the implicit user identifier information.
  • the embodiment of the present invention provides a first user equipment, where the transceiver receives a first message that is sent by the second user equipment and includes at least the implicit user identifier information of the second user equipment.
  • the transceiver receives a first message that is sent by the second user equipment and includes at least the implicit user identifier information of the second user equipment.
  • the user identifier of the second user equipment is determined, and the user of the second user equipment is found.
  • the user identifier of the first user equipment and the second user equipment is processed by the scheme, and when the first user equipment and the second user equipment interact, the implicit user identifier information of the first user equipment and the second user equipment are utilized.
  • the implicit user identification information can ensure the security of the user identification information of the user equipment, so that the user equipment can securely
  • the device embodiments described above are merely illustrative, wherein The units described as separate components may or may not be physically separate, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • the connection relationship between the modules indicates that there is a communication connection between them, and specifically may be implemented as one or more communication buses or signal lines.
  • the present invention can be implemented by means of software plus necessary general hardware, and of course, through dedicated hardware, including an application specific integrated circuit, a dedicated CPU, a dedicated memory, Special components and so on.
  • functions performed by computer programs can be easily implemented with the corresponding hardware.
  • the specific hardware structure used to implement the same function can be various, such as analog circuits, digital circuits, or dedicated circuits. Circuits, etc.
  • software program implementation is a better implementation in more cases.
  • the technical solution of the present invention which is essential or contributes to the prior art, can be embodied in the form of a software product stored in a readable storage medium, such as a floppy disk of a computer.
  • a readable storage medium such as a floppy disk of a computer.
  • U disk mobile hard disk
  • ROM Read-Only lyme
  • RAM Random Ac ce ss Memory

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention concerne un procédé pour découvrir un utilisateur d'un équipement, et un équipement d'utilisateur, de manière à améliorer la sécurité des informations d'identification d'utilisateur, et à permettre à des équipements d'utilisateur de se découvrir les uns les autres en toute sécurité. Le procédé comprend : recevoir un premier message qui est envoyé par un second équipement d'utilisateur et contient au moins des informations d'identification d'utilisateur implicites sur le second équipement d'utilisateur ; en fonction d'une corrélation stockée par un premier équipement d'utilisateur, obtenir l'identification d'utilisateur correspondant aux informations d'identification d'utilisateur implicites sur le second équipement d'utilisateur ; et à partir de l'identification d'utilisateur correspondant aux informations d'identification d'utilisateur implicites sur le second équipement d'utilisateur, déterminer l'identification d'utilisateur du second équipement d'utilisateur, et découvrir ainsi un utilisateur du second équipement d'utilisateur. La présente invention est applicable au domaine des communications.
PCT/CN2014/079124 2013-06-07 2014-06-04 Procédé pour découvrir un utilisateur d'équipement, et équipement d'utilisateur Ceased WO2014194818A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP14807807.4A EP2947815A4 (fr) 2013-06-07 2014-06-04 Procédé pour découvrir un utilisateur d'équipement, et équipement d'utilisateur
US14/823,080 US9906953B2 (en) 2013-06-07 2015-08-11 Method and user equipment for discovering device user

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310225872.3 2013-06-07
CN201310225872.3A CN104243153B (zh) 2013-06-07 2013-06-07 一种用于发现设备的用户的方法和用户设备

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US14/823,080 Continuation US9906953B2 (en) 2013-06-07 2015-08-11 Method and user equipment for discovering device user

Publications (1)

Publication Number Publication Date
WO2014194818A1 true WO2014194818A1 (fr) 2014-12-11

Family

ID=52007565

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/079124 Ceased WO2014194818A1 (fr) 2013-06-07 2014-06-04 Procédé pour découvrir un utilisateur d'équipement, et équipement d'utilisateur

Country Status (4)

Country Link
US (1) US9906953B2 (fr)
EP (1) EP2947815A4 (fr)
CN (1) CN104243153B (fr)
WO (1) WO2014194818A1 (fr)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104994078B (zh) * 2015-06-10 2019-07-19 杭州海康威视数字技术股份有限公司 局域网内的信息发送、获取方法及装置、信息处理系统
US9954836B2 (en) * 2015-11-06 2018-04-24 Bank Of America Corporation Wireless network information flow conditioning
US10587360B2 (en) * 2016-02-26 2020-03-10 Hewlett Packard Enterprise Development Lp Device privacy protection
CN107592281B (zh) * 2016-07-06 2022-04-05 华为技术有限公司 一种传输数据的保护系统、方法及装置
CN115581125A (zh) * 2021-04-19 2023-01-06 北京小米移动软件有限公司 通信设备检测方法、装置、通信设备和存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101404576A (zh) * 2008-09-27 2009-04-08 深圳市迅雷网络技术有限公司 一种网络资源查询方法和系统
CN101510902A (zh) * 2009-03-25 2009-08-19 杭州华三通信技术有限公司 防止无线客户端在上网过程中掉线的方法、系统和设备
US20110128882A1 (en) * 2008-09-01 2011-06-02 Panasonic Corporation Radio transmitter and radio receiver
CN102333279A (zh) * 2011-07-29 2012-01-25 上海合合信息科技发展有限公司 一种结合蓝牙无线技术的电子名片传递方法及系统

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040266533A1 (en) * 2003-04-16 2004-12-30 Gentles Thomas A Gaming software distribution network in a gaming system environment
KR20100066853A (ko) * 2008-12-10 2010-06-18 삼성전자주식회사 소셜 네트워크 형성 방법 및 그 장치
US9078128B2 (en) * 2011-06-03 2015-07-07 Apple Inc. System and method for secure identity service
US9679336B2 (en) * 2011-10-19 2017-06-13 Facebook, Inc. Social ad hoc networking protocol and presentation layer
US9037653B2 (en) * 2011-12-09 2015-05-19 Facebook, Inc. Mobile ad hoc networking

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110128882A1 (en) * 2008-09-01 2011-06-02 Panasonic Corporation Radio transmitter and radio receiver
CN101404576A (zh) * 2008-09-27 2009-04-08 深圳市迅雷网络技术有限公司 一种网络资源查询方法和系统
CN101510902A (zh) * 2009-03-25 2009-08-19 杭州华三通信技术有限公司 防止无线客户端在上网过程中掉线的方法、系统和设备
CN102333279A (zh) * 2011-07-29 2012-01-25 上海合合信息科技发展有限公司 一种结合蓝牙无线技术的电子名片传递方法及系统

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2947815A4 *

Also Published As

Publication number Publication date
EP2947815A1 (fr) 2015-11-25
US9906953B2 (en) 2018-02-27
EP2947815A4 (fr) 2016-04-13
CN104243153B (zh) 2017-11-17
US20150350897A1 (en) 2015-12-03
CN104243153A (zh) 2014-12-24

Similar Documents

Publication Publication Date Title
US11451614B2 (en) Cloud authenticated offline file sharing
US11178125B2 (en) Wireless network connection method, wireless access point, server, and system
CN105450406B (zh) 数据处理的方法和装置
KR102018971B1 (ko) 네트워크 액세스 디바이스가 무선 네트워크 액세스 포인트를 액세스하게 하기 위한 방법, 네트워크 액세스 디바이스, 애플리케이션 서버 및 비휘발성 컴퓨터 판독가능 저장 매체
EP3175597B1 (fr) Appareil et procédé pour partager une interface de module de sécurité matériel dans un réseau collaboratif
CN112566119B (zh) 终端认证方法、装置、计算机设备及存储介质
CN105554760B (zh) 无线接入点认证方法、装置及系统
WO2018177045A1 (fr) Procédé et dispositif de gestion de certificat numérique
CN114417309B (zh) 一种双向身份验证方法、装置、设备及存储介质
WO2019047927A1 (fr) Procédé et dispositif de gestion de justificatif d'identité numérique
CN111314269B (zh) 一种地址自动分配协议安全认证方法及设备
Ullah et al. A secure NDN framework for Internet of Things enabled healthcare
CN106031120A (zh) 密钥管理
US20210336781A1 (en) Network device, method for security and computer readable storage medium
WO2014194818A1 (fr) Procédé pour découvrir un utilisateur d'équipement, et équipement d'utilisateur
WO2019066720A1 (fr) Procédé et appareil de gestion de clé
WO2014146609A1 (fr) Procédé de traitement d'informations, serveur de confiance et serveur en nuage
CN110621016A (zh) 一种用户身份保护方法、用户终端和基站
CN111918283A (zh) 一种物联网设备的配网方法、装置、系统及存储介质
CN105812219A (zh) 帧传递方法以及相关装置和通信系统
CN110730447A (zh) 一种用户身份保护方法、用户终端和核心网
WO2014201783A1 (fr) Procédé, système et terminal de chiffrement et d'authentification pour un réseau ad hoc
CN103248492A (zh) 可验证的分布式隐私数据比较与排序方法
CN113316146B (zh) 提供网络接入服务的方法、接入点、终端
CN111800791B (zh) 认证方法及核心网设备、终端

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14807807

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2014807807

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE